<?php
require("DBops.php");

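/**
 * Check a user's credentials and, on success, bind the user to the session.
 *
 * Looks the user up in the personalInfo table through query() (from
 * DBops.php), compares the stored password column with the supplied
 * password, and on a match stores the user ID in $_SESSION['user'] and
 * echoes a confirmation message.
 *
 * NOTE(review): query() is not visible in this file. Confirm that it escapes
 * or parameterizes $user before building SQL, since $user is presumably
 * request input.
 * NOTE(review): the stored column is compared directly with $password, so
 * either passwords are stored unhashed or the caller hashes them first.
 * Moving to password_hash()/password_verify() needs a data migration and
 * cannot be done inside this function alone.
 *
 * @param mixed  $con      Database handle, passed through to query().
 * @param string $user     User ID to authenticate.
 * @param string $password Password supplied by the user.
 * @return bool True when the credentials match, false otherwise.
 */
function login($con, $user, $password)
{
	// An array or object here can never be a valid password.
	if(!is_scalar($password))
	{
		return false;
	}

	if(!query($con, "ID", "personalInfo", "ID", $user))
	{
		return false;
	}

	$result = query($con, "password", "personalInfo", "ID", $user);
	if(!$result)
	{
		return false;
	}

	// mysql_fetch_array() returns false when there is no row. Reject that
	// explicitly: with the former loose "==" a missing row (null) compared
	// equal to an empty password.
	$row = mysql_fetch_array($result);
	if(!is_array($row) || !isset($row['password']))
	{
		return false;
	}

	$stored = (string)$row['password'];
	$given = (string)$password;

	// Strict string comparison avoids type juggling between numeric-looking
	// strings; hash_equals() additionally runs in constant time where the
	// PHP version provides it.
	$matches = function_exists('hash_equals')
		? hash_equals($stored, $given)
		: $stored === $given;

	if(!$matches)
	{
		return false;
	}

	// Only start a session when this request has not started one already.
	if(session_id() === '')
	{
		session_start();
	}

	// Issue a fresh session ID at the privilege change so that an ID known
	// before login (session fixation) is not carried into the authenticated
	// session.
	session_regenerate_id(true);

	$_SESSION['user'] = $user;

	echo "login successfully!";
	return true;
}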

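/**
 * Decide whether the logged-in user holds the requested authority.
 *
 * The user is taken from $_SESSION['user'] and their personalInfo row is
 * loaded through query() (from DBops.php). Three kinds of check exist:
 *  - "isSelf":      $ID must equal the session user ID.
 *  - "isTeamember": $ID must equal the user's projecteamID column.
 *  - anything else: $authority must equal the user's role column.
 *
 * Every path fails closed: no session user, a failed query, a missing row
 * or a NULL column all yield false.
 *
 * NOTE(review): this reads $_SESSION without calling session_start(), so
 * the caller presumably starts the session first; confirm at call sites.
 *
 * @param mixed  $con       Database handle, passed through to query().
 * @param string $authority "isSelf", "isTeamember" or a role name.
 * @param string $ID        ID to compare against for the first two kinds.
 * @return bool True when the authority is granted, false otherwise.
 */
function checkAuthority($con, $authority, $ID = "")
{
	if(!isset($_SESSION['user']))
	{
		return false;
	}

	// Arrays and objects cannot be compared meaningfully as IDs or roles.
	if(!is_scalar($authority) || !is_scalar($ID))
	{
		return false;
	}

	$result = query($con, "*", "personalInfo", "ID", $_SESSION["user"]);
	if(!$result)
	{
		return false;
	}

	// mysql_fetch_array() returns false when the session user has no row.
	// Without this guard the column reads below yield null, which the
	// former loose "==" treated as equal to the default $ID of "".
	$row = mysql_fetch_array($result);
	if(!is_array($row))
	{
		return false;
	}

	// Values are compared as strings with "===" so that numeric-looking
	// strings ("1" vs "01", "1e1" vs "10") are never considered equal.
	if($authority === "isSelf")
	{
		return (string)$ID === (string)$_SESSION["user"];
	}

	if($authority === "isTeamember")
	{
		// isset() is false for a NULL column, so a user without a team
		// never matches an empty $ID.
		return isset($row['projecteamID'])
			&& (string)$row['projecteamID'] === (string)$ID;
	}

	return isset($row['role'])
		&& (string)$row['role'] === (string)$authority;
}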


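/**
 * End the current user's session.
 *
 * Clears all session variables, expires the session cookie in the browser
 * and destroys the server-side session data.
 *
 * @return void
 */
function logout()
{
	// session_destroy() only works on an active session. Attach to the
	// caller's session first, otherwise the logout silently does nothing
	// and the session stays valid on the server.
	if(session_id() === '' && !headers_sent())
	{
		session_start();
	}

	// Drop every session variable, including $_SESSION['user'].
	$_SESSION = array();

	// Expire the session cookie as well, so the browser stops presenting
	// the old session ID. This is only possible before output has started.
	if(ini_get("session.use_cookies") && !headers_sent())
	{
		$params = session_get_cookie_params();
		setcookie(
			session_name(),
			'',
			time() - 42000,
			$params["path"],
			$params["domain"],
			$params["secure"],
			$params["httponly"]
		);
	}

	if(session_id() !== '')
	{
		session_destroy();
	}
}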


?>